Fixed: SBACipollaSrvHost exposes WCF service to low privilege users which can be leveraged to execute arbitrary code as SYSTEM.Check Point would like to thank Jakub Palaczynski for reporting the issues.Doing this on files with limited access gains the local attacker higher privileges to the file. Fix for CVE-2019-8455: A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file.This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client. Fix for CVE-2019-8453: Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions.New: ZoneAlarm Safe Search – English version only.New: Web Secure Free Chrome extension: blocks phishing attacks and safely download documents in Chrome – English version only.New: ZoneAlarm Safe Search – Adding to French, German, Italian and Spanish versions.New: Web Secure Free Chrome extension, blocks phishing attacks and safely download documents in Chrome – Adding to French, German, Italian and Spanish versions.Fixed: For CVE-2020-6013 - Insecure directory privileges allow for a local escalation of privilege on systems not patched with Microsoft CVE-2020-00896.Fixed: Bug fixes to improve stability and upgrades from previous versions.Improved: Enhanced code signing procedures.Fix installation failure due to missing root certificate.Resolves install/uninstall issues on Windows 11.
This version is not supported for Windows 7.Automatic upgrades to the latest available version.Anti-Bot: New feature added that stops Bot attacks.
0 kommentar(er)
